Lack of hindsight and negligence on the part of the user are in most cases the causes of account or data theft. These tips and recommendations are therefore aimed at anyone who wants to play Arkedya while ensuring the security of their account.
Best practices for passwords
Over and above the protections implemented on our services by our developers, your password is the most important barrier between your account and a malicious user. That is why it is strongly recommended to follow the best practices listed here.
Use a unique password that you do not use on any other service. This way, in the event of theft or loss, only your Arkedya account will be vulnerable.
This is surely one of the most important practices, because if you do not, all the services to which you have subscribed with this password (for example your e-mail box) will be compromised.
The strength of a password is its ability to resist being guessed, i.e. an attempt to "find" it.
Most often, malicious users will try to access your account using two types of attack:
- The "brute-force" attack, carried out by a computer, consists of trying every possible and unimaginable combination to find a password, at a rate of several thousand combinations per second. So the longer your password is and the more different types of characters it contains, the longer it will take the attacker to find the right combination: this can range from a few seconds for the simplest passwords to thousands of years for the most complex.
- The "dictionary" attack, also carried out by a computer, is based on the fact that many users use very common passwords (logical sequence, colour, animal, etc.). The computer tests all the words in a predefined dictionary one by one.
To avoid the attacks described above as much as possible, please follow the rules below to define a strong password:
- It must contain at least 12 characters.
- It must contain uppercase letters.
- It must contain lowercase letters.
- It must contain digits.
- It must contain special characters.
- It must be complex enough not to be guessed.
- It must not be linked to your personal life (date of birth, first name of a relative, music band, private information, etc.).
- It must not be a logical sequence such as
Here are some tips to help you create a password:
- Use a reputable password generator (example: LastPass).
- Opt for the phonetic method: "Run for the hills at 7% speed" will become
R0n4dHiLLs@7%SP33d(DO NOT USE THE EXAMPLE PASSWORD).
- Opt for the first letter method: "I love it, Arkedya is one of the coolest games ever!" will become
Ili,Ai1otcge!(DO NOT USE THE EXAMPLE PASSWORD).
- Invent your own method that only you hold the secret to.
Never give your password to anyone else, and never ask anyone to generate one for you. Administrators and moderators will never ask you for your password. If someone asks you for it, you are inevitably facing a hacking attempt.
Do not store your password in a computer file, send it to yourself by e-mail or write it on a piece of paper that anyone can read. If you encounter any difficulties remembering your password because it is too long or too complex, opt for a secure password manager (e.g. LastPass).
Be wary of public or free networks, and of shared computers with free access (cybercafé, public place, etc.). In these cases, it is recommended using the browser's private browsing mode whenever possible. Also remember to sign out of your account when you have finished your session, and to change your password once you are back on your trusted device.
No password is infallible: it is all a question of time. So remember to renew your password periodically at reasonable intervals. Every 6 months is generally a good compromise.
Suspicion of hacking
If you have the slightest suspicion about the security of your account, or if you know for a fact that your password has been compromised, change it immediately.
Be careful with fraudulent links
Some malicious users may create content containing fraudulent links, so please be careful when clicking on links external to the services.
Other ways made available to secure the account
To strengthen the security of your account access, we provide a multi-factor authentication system that you can enable by clicking here.
This tool will act as a confirmation. Each time you sign in, it will ask you to enter a one-time code generated by an authentication application to ensure that you are indeed the owner trying to authenticate to the account. Only the code generated by the application on your device will work.
To avoid losing access to your account if you lose your device or application, it is very important to download the recovery codes, then print them out and keep them safe.
In the event of compromised access
If for any reason your account credentials have been compromised, please follow the steps below:
- Change your password immediately from the "My account" page and "Personal information" tab.
- Revoke all accesses to the account using the dedicated button from the "My account" page and "Security" tab.
- Notify the Arkedya team through the support.
At the same time, you should also consider following these steps to strengthen the security of your account: